Cross-Site-Scripting Proof of Concept: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(→Links) |
|||
| Zeile 31: | Zeile 31: | ||
*[[xss-poc-reverse-shell]] | *[[xss-poc-reverse-shell]] | ||
=Links= | =Links= | ||
| + | *https://rioasmara.com/2020/09/21/from-xss-csrf-command-injection-to-reverse-shell/ | ||
*https://www.hackingarticles.in/cross-site-scripting-exploitation/ | *https://www.hackingarticles.in/cross-site-scripting-exploitation/ | ||
Version vom 28. Juli 2021, 18:04 Uhr
Script
<?php
if(isset($_GET['submit'])){
$msg = $_GET['msg'];
}
?>
<!DOCTYPE html>
<html>
<body>
<h2>Authentifizierung</h2>
<form method="get">
<label for="fname">Input</label><br>
<input type="text" name="msg"><br>
<input type="submit" name="submit" value="klick">
</form>
<br>
<?php
echo "Hello $msg";
?>
</table>
</body>
</html>